[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/2] kex: fix RFC8332 RSA extension selection bug
[Thread Prev] | [Thread Next]
- Subject: [PATCH 0/2] kex: fix RFC8332 RSA extension selection bug
- From: Jon Simons <jon@xxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Mon, 4 Feb 2019 19:10:45 -0500
- To: libssh@xxxxxxxxxx
- Cc: Jon Simons <jon@xxxxxxxxxxxxx>
Included here is an update to the pkd tests to reproduce a bug in RFC8332 RSA extension selection, as well as a fix which makes the test pass. When libssh server is provided "rsa-sha2-256,rsa-sha2-512" by the client for host key algorithms, it will unconditionally reply using the rsa-sha2-512 variant. But, the server should respect the client's preference in this case and use rsa-sha2-256. Also available here: * https://github.com/simonsj/libssh/tree/simonsj/patch/fix-rfc8332-bug-2-4-2019 * https://gitlab.com/simonsj1/libssh-mirror/tree/simonsj/patch/fix-rfc8332-bug-2-4-2019 Jon Simons (2): tests/pkd: repro rsa-sha2-{256,512} negotiation bug kex: honor client preference for rsa-sha2-{256,512} host key algorithms src/kex.c | 24 ++++++++++++++++++++++++ tests/pkd/pkd_client.h | 15 +++++++++------ tests/pkd/pkd_hello.c | 8 ++++++++ 3 files changed, 41 insertions(+), 6 deletions(-) -- 2.19.1.593.gc670b1f
| [PATCH 1/2] tests/pkd: repro rsa-sha2-{256,512} negotiation bug | Jon Simons <jon@xxxxxxxxxxxxx> |
| [PATCH 2/2] kex: honor client preference for rsa-sha2-{256,512} host key algorithms | Jon Simons <jon@xxxxxxxxxxxxx> |
| Re: [PATCH 0/2] kex: fix RFC8332 RSA extension selection bug | Jakub Jelen <jjelen@xxxxxxxxxx> |